6 Worst Security Breaches

The Equifax data breach discovered in July 2017 released the personal information of over 40 percent of U.S. consumers into cyberspace. The consequences of that hacking are not yet clear, but one thing is certain. Equifax was not the first nor will it be the last company to suffer from hacker attacks. Let's take a look at some of the bigger security breaches in recent years.

Hacking the Government

Wikileaks received top-secret data from CIA files when hackers broke through the government security systems. The information contained intelligence on CIA activities, along with information about breaking into iPhones and Android devices and smart TVs. But the CIA is not alone when it comes to government breaches. Records were stolen from the U.S. Office of Personnel Management in two separate but linked hacks, discovered in 2014 and 2015, affecting millions of current and former federal employees.

Hacks Against Law Enforcement

Another hack only discovered in 2017 involved Police One, a law enforcement forum accessed by police and federal law enforcement agents. The site still used outdated software and easy-to-crack passwords. No matter who you are, vulnerability to hackers is a real threat. Using a comprehensive list of security protocols, including stronger passwords, encryption, and access restrictions, reduces your vulnerability.


The Equifax Breach

When Equifax discovered that 143 million consumers had their information hacked, it furthered the crisis with its response and remediation efforts. The data security tools failed, and Equifax's customer service support website appeared affected. The failure forced Equifax into pulling a clause that prevented customers from suing the bureau. The monetary damages continue to mount for Equifax, while customers are at increased risk of identity theft.

Verizon Partner Breach

Millions of customers of Verizon had their records leaked earlier this year when one of Verizon’s partners, Nice Systems, misconfigured an AWS S3 bucket. They left the bucket open to be read by anyone with URL to the bucket.

This breach highlighted the need for organizations and their partners to both understand and follow AWS security best practices that could keep them from making headlines for all the wrong reasons.

Costly Lunches

Arby's suffered a security breach announced early in 2017. Malicious software, loaded on corporate-owned restaurants, caused theft of information including credit and debit card data from October 2016 to January 2017. Franchise locations appeared safe from this breach. Arby's removed the software and hired security experts to investigate the incident and install new security tools.

Gamers Beware

Video game giant E-Sports Entertainment suffered a ransomware attack in December 2016. The hackers stole data from 1.5 million subscribers, including registration information, dates, locations, usernames, email addresses, and phone numbers. E-Sports refused to pay the ransom, shutting the site down temporarily. E-sports then instructed users to change passwords on their game accounts and any other sites where they store personal information. The site tightened security and explained the course of action for its customers.

Stock Market Exposure

Dow Jones & Co says 2.2 million subscribers had their information exposed to the public from a breach through Amazon Web Services. Dow Jones publishes the Wall Street Journal and Barron's magazines, among others. It's not clear if this was an actual hack or just a software failure, but customer names, addresses, and the last four digits of credit cards were all exposed to the public.

Other breaches affected Verizon, Dun & Bradstreet, Yahoo, and many online retailers. Your best defense is watching your accounts closely and looking for suspicious activity.

No comments:

Post a Comment